cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ted Zlatanov <>
Subject Re: Cassandra access control
Date Tue, 01 Dec 2009 21:38:18 GMT
On Tue, 01 Dec 2009 14:23:47 -0600 Eric Evans <> wrote: 

EE> I'm personally not a big fan of the setKeyspace()/getKeyspace() idea.
EE> Getting rid of the keyspace argument makes sense because the keyspace is
EE> the highest (or lowest), level of the data-model so its implicit that an
EE> application need only talk to one. If removing that argument makes sense
EE> (and I think it does), then we should just do that. Accessing more than
EE> one keyspace is a corner case IMO, but its one that can be accommodated
EE> by opening another connection.

I disagree, why would you want to forbid switching the keyspace?  That's
turning off a currently working feature.  Also, connections are not
free, especially across WAN links.

EE> Also, I don't know how others feel, but I'm not comfortable committing
EE> anything that would be a candidate for 0.5 that isn't more fully baked
EE> at this point. So I'd rather see something that is at least minimally
EE> useful targeted for 0.5+1 

I'm not dying to get into 0.5.  My goal is to get a good API in place.
First thing is to agree on the API, then I can implement it.  My first
attempt simply keeps everything working like it did before by using the
AllowAll authenticator.  The next step is to put in configuration
support to use a different authenticator and provide a few basic ones as
we discussed (PAM and LDAP probably).  It's unlikely we'll make 0.5
considering its current state is close to release IIUC.

If we miss 0.5 I'll take out the backwards compatibility API that still
allows the keyspace argument for a few of the calls.  It's not a big
deal to do so.


View raw message